Thanks Splunk for such a great and powerful system.
I'm trying to do a scripted deploy using this URL.
http://splunkbase.splunk.com/apps:download/Splunk+for+Unix+and+Linux/4.5/unix.spl
wget doesn't work on it. What is the best method of getting the app or any other app onto the deployment client?
Thanks,
Justin
I'd like to see this ability to use wget as well. It would be much faster than downloading to my workstation and having to use scp and/or jump hosts in some cases to transfer files around.
That being said, I have been able to drop install and app files on our deployment server in the static folder which I can access via wget from other servers.
Any folders/files placed in $SPLUNK_HOME/etc/system/static can be accessed via the following URL which you can call via wget or curl.
https://your-splunk-server.com:8089/static
Hi Justin,
I agree with what jgedeon120 said. Some apps (in this case the *nix app) requires some manual post-installation configuration before it actually starts collecting and forwarding data. My advice would be to:
Now you'll have a *nix app that has been configured specifically for your environment.
If you've got a lot of servers, I'd recommend using a Deployment Manager, but the steps above are a fairly high-level summary of where I think you want to get to.
Hope this helps!
Justin,
You could download the apps that you want to deploy and host them to a location that they can be downloaded from and then use that location. This way, you know for sure that the version will match in the possible event that something is changed between the installs.
There really should be a wget URL for every app. The Splunk installer, and universal forwarder are available using wget so why are the apps not?
Today we configure every machine using tools like asible, chef, or puppet, it part of the disaster recovery. Since apps can't be downloaded on the host using wget, we have to check them into the git repo along with the ansible scripts, and this is really bad practice, alternatively we can put them into a public maven repo, or an S3 bucket, but thats just workarounds.
i second that, as i am using chef to setup apps for splunk on the target nodes